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WHAT IS CLAIMED IS: 

1 1 . A method for identifying an unauthorized cUent communication system 

2 seeking access to a host communication system, comprising: 

3 locating a memory segment within a cHent communication system that stores client 

4 software used to access a host communication system; 

5 determining whether the client software stored in the memory segment located 

6 corresponds to cUent software for an official chent communication system; and 

7 identifying the client communication system as an unauthorized client 

8 communication system when the client software stored in the memory segment located does 

9 not correspond to the client software for an official client communication system, 

" 1 2. The method of claim 1 , wherein locating the memory segment comprises: 

55 2 identifying a type or version of client software being used by the client 

3 communication system to enable communication, and 

4 locating the memory segment of the client communication system based on the 

•+ «i 

5 identified type or version, 

1 3 . The method of claim 2, wherein identifying the type or version comprises 

g 2 receiving information indicating the type or version of the client software from the client 

3 communication system when a communication session is initiated. 

1 4. The method of claim 2, wherein identifying the type or version comprises 

2 performing a diagnostic on the client communication system to automatically determine the 

3 type or version of the client software. 

1 5 . The method of claim 1 , wherein locating the memory segment comprises 

2 locating a memory segment of the cHent communication system that includes client software 

3 that remains unchanged in memory segments of official client communication systems. 
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1 6. The method of claim 1 , wherein locating the memory segment comprises 

2 locating a memory segment of the client communication system that includes client software 

3 that is user independent in memory segments of official client communication systems, 

1 7. The method of claim 1 , wherein locating the memory segment comprises 

2 identifying the memory segment based on a random selection among several memory 

3 segments that store the chent software. 

1 8. The method of claim 7, wherein identifying the memory segment comprises 

2 identifying the memory segment based on a random selection among several memory 

3 segments including client software that remains unchanged with respect to each particular 
^3 4 client. 

f ^ 1 9. The method of claim 8, wherein identifying the memory segment comprises 

H 2 identifying the memory segment based on a random selection among several memory 

12 3 segments including a continuous piece of client software on the memory segment that is 

■ •^ 4 Stored without relocation of any intermediate client software. 

I' * 

^ 1 10. The method of claim 1, wherein determining whether the client software 

[j 2 corresponds to official software comprises comparing the cUent software stored in the 

3 identified memory segment with the corresponding client software of the official client 

4 communication system. 

1 11. The method of claim 1 0, wherein comparing the client software comprises: 

2 performing a mathematical computation on the contents of the identified memory 

3 segment; and 

4 comparing results from the mathematical computation performed on the contents of 

5 the identified memory segment against a mathematical representation for the corresponding 

6 client software of the official communication system. 
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12. The method of claim 1 1 , wherein the mathematical computation comprises a 
checksum. 

1 3 . The method of claim 1 1 , wherein the mathematical computation comprises a 
hashing algorithm, 

14. The method of claim 1 , further comprising terminating communications from 
the client communication system when the client software stored in the memory segment is 
determined to diverge from predictable client software for an official client communication 
system. 

15. The method of claim 13, wherein terminating communications is performed 
after a predetermined and intentional delay once the cHent communication system is 
identified as an unauthorized client communication system. 

16. The method of claim 1, farther comprising sending a notification to the user of 
the client communication system indicating identification of an unauthorized client when the 
client software stored in the memory segment is determined to diverge from predictable 
client software for an official client communication system. 

17. A computer readable medium or propagated signal having embodied thereon a 
computer program for identifying an unauthorized client communication system seeking 
access to a host communication system, the computer program comprising: 

a locating code segment for locating a memory segment within a client 
communication system that stores client software used to access a host communication 
system; 

a determining code segment for determining whether the cUent software stored in the 
memory segment located corresponds to chent software for an official client communication 
system; and 

an identifying code segment for identifying the client conmiunication system as an 
unauthorized client communication system when the client software stored in the memory 

-30- 



Attorney Docket No.: 06975-071001 / Security 04 

1 2 segment located does not correspond to the client software for an official client 

13 communication system. 

1 18. The medium of claim 1 7, wherein the locating code segment comprises: 

2 an identifying code segment for identifying a type or version of chent software being 

3 used by the client communication system to enable communication, and 

4 a locating code segment for locating the memory segment of the client 

5 communication system based on the identified type or version. 

1 1 9. The medium of claim 1 8, wherein the identifying code segment comprises a 

2 receiving code segment for receiving information indicating the type or version of the client 

3 software fi:*om the client communication system when a communication session is initiated. 

|g 1 20. The medium of claim 1 8, wherein the identifying code segment comprises a 

2 performing code segment for performing a diagnostic on the chent communication system to 

1;^ 3 automatically determine the type or version of the chent software being used by the client 

i:.t-= 4 communication system to enable communication. 

i n 1 21, The medium of claim 1 7, wherein the locating code segment comprises a code 

% 2 segment for locating a memory segment of the client communication system that includes 

□ 3 client software that remains unchanged in memory segments of official client communication 

4 systems. 

1 22. The medium of claim 17, wherein the locating code segment comprises a code 

2 segment for locating a memory segment of the client communication system that includes 

3 client software that is user independent in memory segments of official chent communication 

4 systems. 

1 23. The medium of claim 17, wherein the locating code segment comprises an 

2 identifying code segment for identifying the memory segment based on a random selection 

3 among several memory segments that include the client software. 
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24. The medium of claim 23, wherein the identifying code segment comprises a 
code segment for identifying the memory segment based on a random selection among 
several memory segments including client software that remains unchanged. 

25. The medium of claim 17, wherein the determining code segment comprises a 
comparing code segment for comparing the client software stored in the identified memory 
segment with the corresponding client software of the official client communication system, 

26. The medium of claim 25, wherein the comparing code segment comprises: 
a performing code segment for performing a mathematical computation on the 

contents of the identified memory segment; and 

a comparing code segment for comparing results from the mathematical computation 
performed on the contents of the identified memory segment against a mathematical 
representation for the corresponding client software of the official communication system. 

27. The medium of claim 26, wherein the mathematical computation comprises a 
checksum. 

28. The medium of claim 26, wherein the mathematical computation comprises a 
hashing algorithm. 

29. The medium of claim 17, further comprising a terminating code segment for 
terminating communications from the client communication system when the client software 
stored in the memory segment is determined to diverge from predictable client software for 
an official client communication system. 

30. An apparatus for identifying an unauthorized client communication system 
seeking access to a host communication system, the apparatus comprising: 

a locator structured and arranged to locate a memory segment within a client 
communication system that stores client software used to access a host communication 
system; 
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6 a comparing device structured and arranged to determine whether the cUent software 

7 stored in the memory segment located corresponds to cUent software for an official client 

8 communication system; and 

9 an identifier structured and arranged to identify the client communication system as 

1 0 an unauthorized client communication system when the client software stored in the memory 

1 1 segment located does not correspond to the client software for an official client 

12 communication system. 

1 31. The apparatus of claim 30^ wherein the locator comprises: 

2 an identifier structured and arranged to identify a type or version of client software 

3 being used by the client communication system to enable communication, and 

4 a locator structured and arranged to locate the memory segment of the client 

5 communication system based on the identified type or version. 

1 32. The apparatus of claim 3 1 , wherein the identifier comprises a receiver 

2 structured and arranged to receive information fi'om the client communication system when 

3 the communication session is initiated indicating the type or version of client software, 

1 33, The apparatus of claim 31, wherein the identifier comprises a testing device 

2 structured and arranged to perform a diagnostic on the client communication system to 

3 automatically determine the type or version of the client software being used by the client 

4 communication system to enable communication. 

1 34. The apparatus of claim 30, wherein the locator comprises a memory segment 

2 locator structured and arranged to locate a memory segment of the client communication 

3 system that includes client software that remains unchanged in memory segments of official 

4 client communication systems. 

1 35. The apparatus of claim 30, wherein the locator comprises a memory segment 

2 locator structured and arranged to locate a memory segment of the client communication 

3 system that includes client software that is user independent in memory segments of official 

4 client communication systems. 

-33- 



Attorney Docket No, : 06975-07 1 00 1 / Security 04 

36. The apparatus of claim 30, wherein the locator comprises an identifier 
structured and arranged to identify the memory segment based on a random selection among 
several memory segments that include the client software. 

37. The apparatus of claim 36, wherein the identifier comprises a memory segment 
identifier structured and arranged to identify the memory segment based on a random 
selection among several memory segments including client software that remains unchanged. 

38. The apparatus of claim 30, wherein the comparing device comprises a 
comparing device structured and arranged to compare the client software stored in the 
identified memory segment with the corresponding client software of the official client 
communication system. 

39. The apparatus of claim 38, wherein the comparing device comprises: 

a testing device structured and arranged to test a mathematical computation on the 
contents of the identified memory segment; and 

a comparing device structured and arranged to compare results from the mathematical 
computation performed on the contents of the identified memory segment against a 
mathematical representation for the corresponding client software of the official 
communication system. 

40. The apparatus of claim 39, wherein the mathematical computation comprises a 
checksum. 

41. The apparatus of claim 39, wherein the mathematical computation comprises a 
hashing algorithm. 

42. The apparatus of claim 30, fiirther comprising a device structured and arranged 
to terminate communications from the client communication system when the client software 
stored in the memory segment is determined to diverge from predictable cHent software for 
an official client communication system. 
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